← 返回 Skills 市场
SourceHarbor Watchlist Briefing
作者
Yifeng[Terry] Yu
· GitHub ↗
· v1.0.0
· MIT-0
143
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install sourceharbor-watchlist-briefing
功能描述
Use SourceHarbor watchlists, briefings, Ask, MCP, and HTTP API to answer one question with current story context and evidence.
安全使用建议
This skill appears to be a legitimate operator briefing card for a local SourceHarbor service, but there are inconsistencies you should clear up before installing or running anything: (1) The manifest declares no required env vars, yet SKILL.md expects SOURCE_HARBOR_API_BASE_URL and other runtime inputs — ask the author to declare these explicitly. (2) The install guidance tells you to clone and run code from https://github.com/xiaojiou176-open/sourceharbor.git; treat that as untrusted until you review the repo contents and author provenance. (3) Do not run ./bin/dev-mcp or any binaries from an unknown repo on production systems; run them in an isolated environment first. (4) Confirm whether your platform will actually provide MCP access or local HTTP access to 127.0.0.1:9000 and whether any credentials are required. If you cannot validate the repository and the missing manifest declarations, proceed cautiously or prefer an officially published SourceHarbor package.
功能分析
Type: OpenClaw Skill
Name: sourceharbor-watchlist-briefing
Version: 1.0.0
The skill bundle defines a workflow for an AI agent to interact with 'SourceHarbor,' a tool for managing watchlists and briefings, using the Model Context Protocol (MCP) or a local HTTP API. It includes comprehensive documentation, configuration templates for OpenClaw and OpenHands, and clear instructions in SKILL.md that guide the agent to provide evidence-backed answers. While it directs users to clone an external repository (github.com/xiaojiou176-open/sourceharbor.git) and execute a local binary, these actions are consistent with the stated purpose of setting up a local MCP server and do not exhibit signs of malicious intent or unauthorized data exfiltration.
能力评估
Purpose & Capability
The skill is clearly an operator briefing card for SourceHarbor and its instructions (use MCP or HTTP API to load a watchlist/briefing and cite evidence) align with that purpose. However, the skill metadata declares no required environment variables or credentials while the runtime instructions expect variables like SOURCE_HARBOR_API_BASE_URL, WATCHLIST_ID and SOURCE_HARBOR_MCP_STATUS. That mismatch between declared requirements and the actual workflow is an incoherence to resolve.
Instruction Scope
SKILL.md confines the agent to loading watchlist/briefing data, evidence lookup, and returning structured outputs and guardrails (do not invent evidence). It instructs use of local MCP or local HTTP API endpoints (curl to /api/v1/...), which is appropriate for this use case. The instructions also include human-facing setup steps (git clone, run ./bin/dev-mcp) — useful but these ask a human to run local binaries and set env vars, so they should not be executed blindly by an operator or automated installer.
Install Mechanism
There is no automated install spec (instruction-only), which reduces immediate risk. However references/INSTALL.md recommends cloning https://github.com/xiaojiou176-open/sourceharbor.git and running ./bin/dev-mcp. That points to a third‑party GitHub repo (not declared/verified in metadata). While the guidance is local/manual, following it would install and run code from an unvetted source — a higher-risk action that the user should validate first.
Credentials
The skill requests no credentials in its manifest, but the runtime instructions reference runtime inputs and env vars (SOURCE_HARBOR_API_BASE_URL, WATCHLIST_ID, SOURCE_HARBOR_MCP_STATUS, and local path substitutions). The manifest should declare these as required env/config items. There are no requests for cloud keys or secrets in the instructions, but the metadata mismatch (undeclared envs and local config edits) makes the runtime privilege/requirements unclear and is a proportionality concern.
Persistence & Privilege
The skill is instruction-only, has no install step that would write to disk at install time, and does not request always:true or other elevated persistence. Example config snippets are provided for users to add to their MCP config, but the skill itself does not force persistent agent changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sourceharbor-watchlist-briefing - 安装完成后,直接呼叫该 Skill 的名称或使用
/sourceharbor-watchlist-briefing触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of sourceharbor-watchlist-briefing.
- Added core logic and documentation for briefing on a single watchlist with evidence-backed answers.
- Introduced setup, capabilities, and workflow reference files in the /references directory.
- Updated SKILL.md and README.md with workflow details and runtime requirements.
- Provided new installation, capabilities, demo, and troubleshooting guides.
- Expanded references to support both MCP and HTTP API configurations.
v0.1.16
- Added references/http-fallback.md as new documentation for HTTP API fallback usage.
- Updated SKILL.md to reference the new http-fallback documentation in the companion references section.
- Improved language in SKILL.md for clarity and consistency (e.g., renamed "plugin-grade operator briefing card" to "operator briefing skill card").
- Updated references in documentation files to ensure all relevant usage guides and capability maps are included.
v0.1.15
- Added detailed documentation files: README.md, capability map, example output, and setup reference.
- Expanded SKILL.md to clarify exposed MCP abilities, runtime setup, and output contract.
- Introduced trigger keywords for easier discovery and integration.
- Improved workflow, guardrails, and guidance for using SourceHarbor watchlists in operator briefings.
v0.1.14
sourceharbor-watchlist-briefing 0.1.14
- Updated SKILL.md with clearer instructions, workflow details, and required steps for answering questions using SourceHarbor watchlists.
- Added sections on skill goal, specific user inputs, and prioritized workflow order (MCP, HTTP API, then web routes).
- Clarified required outputs: current story, changes, evidence, and suggested next action.
- Included explicit guardrails to prevent false claims and ensure evidence-based answers.
- Listed related documentation surfaces for reference.
元数据
常见问题
SourceHarbor Watchlist Briefing 是什么?
Use SourceHarbor watchlists, briefings, Ask, MCP, and HTTP API to answer one question with current story context and evidence. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 143 次。
如何安装 SourceHarbor Watchlist Briefing?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sourceharbor-watchlist-briefing」即可一键安装,无需额外配置。
SourceHarbor Watchlist Briefing 是免费的吗?
是的,SourceHarbor Watchlist Briefing 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
SourceHarbor Watchlist Briefing 支持哪些平台?
SourceHarbor Watchlist Briefing 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 SourceHarbor Watchlist Briefing?
由 Yifeng[Terry] Yu(@xiaojiou176)开发并维护,当前版本 v1.0.0。
推荐 Skills